Skip to main content
Version: 7.3

Metrics

The ElastiFlow Unified Collectors expose the /metrics endpoint to provide Prometheus-compatible statistics related to its performance and the resources it uses.

The endpoint returns data in a Prometheus text-based exposition format. Please refer to the Prometheus documentation to learn more.

Statistics

This section describes the statistics that can be retrieved from the /metrics endpoint.

app_info

app_info provides application details. The following is an example of an app_info record:

app_info{arch="arm64",cpus="8",env="native",hostname="M1-MacBook-Pro.local",os="darwin",run_id="b1214e11-198f-43e7-81f1-c9986e9b3ff7"} 1

The app_info data provides the following labels:

LabelDescription
archenvironment running application
cpusnumber of cpus available
envnative install or Docker
hostnamename of machine
osoperating system running application
run_idrun id of application

license_units

license_units provides license details. The following is an example of a license_units record:

license_units{account_id="",expiration="0",level="0"} 1

The license_units record provides the following labels:

LabelDescription
account_idaccount id of license.
expirationlicense expiration date.
levellicense level.

Flow UDP Server

The following statistics are provided for the UDP Server input.

udp_server_packet_queue_util

udp_server_packet_queue_util provides the utilization of the packet queue, which stores received packets waiting to be processed.

udp_server_packet_queue_util{application="flowcoll"} 0

The udp_server_packet_queue_util record provides the following labels:

LabelDescription
applicationThe name of the application.

udp_server_packets_received_total

udp_server_packets_received_total provides the total count of packets received by the UDP Server.

udp_server_packets_received_total{application="flowcoll",port="9995"} 0

The udp_server_packets_received_total record provides the following labels:

LabelDescription
applicationThe name of the application.
portThe port on which the UDP server listens.

udp_server_bytes_received_total

udp_server_bytes_received_total provides the total count of bytes received by the UDP Server.

udp_server_bytes_received_total{application="flowcoll",port="9995"} 0

The udp_server_bytes_received_total record provides the following labels:

LabelDescription
applicationThe name of the application.
portThe port on which the UDP server listens.

Processor

record_queue_util

Ratio of the record queue size divided by its capacity.

record_queue_util{application="flowcoll"} 0

The record_queue_util record provides the following labels:

LabelDescription
applicationThe name of the application.

Elasticsearch Output

outputs_records_received_total

outputs_records_received_total provides the total count of records received by the output.

outputs_records_received_total{application="flowcoll",instance_name="default",namespace="default",output="elasticsearch",record_type="flow"} 2

The outputs_records_received_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

outputs_records_sent_total

outputs_records_sent_total provides the total count of records sent by the output.

outputs_records_sent_total{application="flowcoll",instance_name="default",namespace="default",output="elasticsearch",record_type="flow"} 2

The outputs_records_sent_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

outputs_bulk_requests_total

outputs_bulk_requests_total provides the total count of bulk requests sent by the output.

outputs_bulk_requests_total{application="flowcoll",instance_name="default",namespace="default",output="elasticsearch"} 2

The outputs_bulk_requests_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.

outputs_bulk_requests_errored_total

outputs_bulk_requests_errored_total provides the total count of errored bulk requests.

outputs_bulk_requests_errored_total{application="flowcoll",instance_name="default",namespace="default",output="elasticsearch"} 0

The outputs_bulk_requests_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.

outputs_records_errored_total

outputs_records_errored_total provides the total count of errored records.

outputs_records_errored_total{application="flowcoll",instance_name="default",namespace="default",output="elasticsearch",record_type="flow"} 1

The outputs_records_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

OpenSearch Output

outputs_records_received_total

outputs_records_received_total provides the total count of records received by the output.

outputs_records_received_total{application="flowcoll",instance_name="default",namespace="default",output="opensearch",record_type="flow"} 2

The outputs_records_received_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

outputs_records_sent_total

outputs_records_sent_total provides the total count of records sent by the output.

outputs_records_sent_total{application="flowcoll",instance_name="default",namespace="default",output="opensearch",record_type="flow"} 2

The outputs_records_sent_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

outputs_bulk_requests_total

outputs_bulk_requests_total provides the total count of bulk requests sent by the output.

outputs_bulk_requests_total{application="flowcoll",instance_name="default",namespace="default",output="opensearch"} 2

The outputs_bulk_requests_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.

outputs_bulk_requests_errored_total

outputs_bulk_requests_errored_total provides the total count of errored bulk requests.

outputs_bulk_requests_errored_total{application="flowcoll",instance_name="default",namespace="default",output="opensearch"} 0

The outputs_bulk_requests_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.

outputs_records_errored_total

outputs_records_errored_total provides the total count of errored records.

outputs_records_errored_total{application="flowcoll",instance_name="default",namespace="default",output="opensearch",record_type="flow"} 1

The outputs_records_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

Cribl Output

outputs_records_received_total

outputs_records_received_total provides the total count of records received by the output.

outputs_records_received_total{application="flowcoll",instance_name="default",namespace="default",output="cribl",record_type="flow"} 2

The outputs_records_received_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

outputs_records_sent_total

outputs_records_sent_total provides the total count of records sent by the output.

outputs_records_sent_total{application="flowcoll",instance_name="default",namespace="default",output="cribl",record_type="flow"} 2

The outputs_records_sent_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

outputs_bulk_requests_total

outputs_bulk_requests_total provides the total count of bulk requests sent by the output.

outputs_bulk_requests_total{application="flowcoll",instance_name="default",namespace="default",output="cribl"} 2

The outputs_bulk_requests_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.

outputs_bulk_requests_errored_total

outputs_bulk_requests_errored_total provides the total count of errored bulk requests.

outputs_bulk_requests_errored_total{application="flowcoll",instance_name="default",namespace="default",output="cribl"} 0

The outputs_bulk_requests_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.

outputs_records_errored_total

outputs_records_errored_total provides the total count of errored records.

outputs_records_errored_total{application="flowcoll",instance_name="default",namespace="default",output="cribl",record_type="flow"} 1

The outputs_records_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

Kafka Output

kafka_producer_messages_errored_total

kafka_producer_messages_errored_total provides the total count of errored messages.

kafka_producer_messages_errored_total{application="flowcoll",client_id="elastiflow-flowcoll",message_type="record",namespace="default",topic="elastiflow-flow-codex-1.0"} 0

The kafka_producer_messages_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
topicThe name of the kafka topic.
client_idThe Kafka producer client ID.
message_typeThe type of message produced.
namespaceThe name of the namespace.

kafka_producer_messages_sent_total

kafka_producer_messages_sent_total provides the total count of messages produced by the output.

kafka_producer_messages_sent_total{application="flowcoll",client_id="elastiflow-flowcoll",message_type="record",namespace="default",topic="elastiflow-flow-codex-1.0"} 0

The kafka_producer_messages_sent_total record provides the following labels:

LabelDescription
applicationThe name of the application.
topicThe name of the kafka topic.
client_idThe Kafka producer client ID.
message_typeThe type of message produced.
namespaceThe name of the namespace.

Splunk Output

outputs_records_received_total

outputs_records_received_total provides the total count of records received by the output.

outputs_records_received_total{application="flowcoll",instance_name="default",namespace="default",output="splunk",record_type="flow"} 2

The outputs_records_received_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

outputs_records_sent_total

outputs_records_sent_total provides the total count of records sent by the output.

outputs_records_sent_total{application="flowcoll",instance_name="default",namespace="default",output="splunk",record_type="flow"} 2

The outputs_records_sent_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.

outputs_bulk_requests_total

outputs_bulk_requests_total provides the total count of bulk requests sent by the output.

outputs_bulk_requests_total{application="flowcoll",instance_name="default",namespace="default",output="splunk"} 2

The outputs_bulk_requests_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.

outputs_bulk_requests_errored_total

outputs_bulk_requests_errored_total provides the total count of errored bulk requests.

outputs_bulk_requests_errored_total{application="flowcoll",instance_name="default",namespace="default",output="splunk"} 0

The outputs_bulk_requests_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.

outputs_records_errored_total

outputs_records_errored_total provides the total count of errored records.

outputs_records_errored_total{application="flowcoll",instance_name="default",namespace="default",output="splunk",record_type="flow"} 1

The outputs_records_errored_total record provides the following labels:

LabelDescription
applicationThe name of the application.
instance_namename of the collector instance
namespaceThe name of the namespace.
outputThe name of the output.
record_typeThe type of the data contained in the record.